Linux Package Management: apt, yum, dnf, pacman
Linux package managers solve a fundamental problem: installing software and managing dependencies without manual compilation or tracking library versions. Unlike Windows executables or macOS DMG...
Key Insights
- Package managers automate software installation, dependency resolution, and system updates—each major Linux distribution uses a different tool optimized for its ecosystem
- APT (Debian/Ubuntu), DNF/YUM (Red Hat/Fedora), and Pacman (Arch) share similar workflows but have distinct syntax and philosophies that reflect their distribution’s approach to stability versus bleeding-edge updates
- Understanding your package manager’s repository system, cache management, and dependency handling prevents broken systems and makes troubleshooting significantly easier
Introduction to Package Management
Linux package managers solve a fundamental problem: installing software and managing dependencies without manual compilation or tracking library versions. Unlike Windows executables or macOS DMG files, Linux distributions use package managers as the central authority for software installation, updates, and removal.
A package manager handles dependency resolution automatically. If you install PostgreSQL, it knows to pull in required libraries like libpq without you manually tracking them. It maintains a database of installed packages, verifies cryptographic signatures, and ensures system consistency.
Different distributions chose different package managers based on their philosophy. Debian-based systems (Ubuntu, Linux Mint) use APT for stability and extensive repositories. Red Hat-based systems (RHEL, Fedora, CentOS) use YUM or DNF for enterprise reliability. Arch Linux uses Pacman for simplicity and rolling releases. Understanding your distribution’s package manager is non-negotiable for effective Linux administration.
APT (Advanced Package Tool) - Debian/Ubuntu
APT dominates the Debian ecosystem, powering Ubuntu, Linux Mint, Pop!_OS, and hundreds of derivatives. It uses .deb package files and maintains repositories defined in /etc/apt/sources.list and /etc/apt/sources.list.d/.
The most critical APT command is the update-upgrade cycle:
sudo apt update && sudo apt upgrade
The update command refreshes the package index from repositories—it doesn’t install anything. The upgrade command actually installs newer versions. Always run update before upgrade or you’ll be working with stale package information.
Searching for packages uses two commands with different purposes:
apt search postgresql
apt show postgresql-14
The search command returns matches from package names and descriptions. The show command displays detailed metadata for a specific package, including dependencies, version, and repository source.
Installing and removing packages is straightforward:
sudo apt install nginx
sudo apt remove nginx
sudo apt purge nginx # Removes config files too
Use purge instead of remove when you want a completely clean slate. The remove command leaves configuration files in /etc/ for potential reinstallation.
APT’s repository configuration lives in /etc/apt/sources.list:
deb http://archive.ubuntu.com/ubuntu/ jammy main restricted
deb http://archive.ubuntu.com/ubuntu/ jammy-updates main restricted
deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted
Each line defines a repository source. The format is: deb [repository-url] [distribution] [components]. The main and restricted components contain officially supported packages. Third-party repositories go in /etc/apt/sources.list.d/ as separate files.
APT caches downloaded packages in /var/cache/apt/archives/. This speeds up reinstallation but consumes disk space. Clean it periodically:
sudo apt clean # Removes all cached packages
sudo apt autoclean # Removes only obsolete packages
YUM & DNF - Red Hat/Fedora/CentOS
YUM (Yellowdog Updater Modified) served Red Hat-based distributions for years. DNF (Dandified YUM) replaced it in Fedora 22 and RHEL 8, offering better performance and dependency resolution. They use .rpm package files.
For modern systems, use DNF. The syntax is nearly identical to YUM:
sudo dnf update
sudo dnf upgrade # Same as update in DNF
Unlike APT, DNF doesn’t require a separate repository refresh command. The update command checks repositories and installs upgrades in one operation.
Installing and removing packages mirrors APT’s simplicity:
sudo dnf install httpd
sudo dnf remove httpd
Red Hat uses different package names than Debian. The Apache web server is httpd instead of apache2, and network tools live in net-tools instead of individual packages.
Searching and package information:
dnf search redis
dnf info redis
DNF’s repository management is more explicit than APT:
dnf repolist # List enabled repositories
dnf repolist all # List all repositories including disabled
Repository configurations live in /etc/yum.repos.d/ as .repo files:
[fedora]
name=Fedora $releasever - $basearch
baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/
enabled=1
gpgcheck=1
DNF offers powerful history and rollback features:
dnf history # Show transaction history
dnf history undo 5 # Rollback transaction #5
This is invaluable when an update breaks something. You can roll back entire transactions atomically.
Pacman - Arch Linux
Pacman powers Arch Linux and derivatives like Manjaro and EndeavourOS. It’s fast, simple, and designed for rolling releases. Arch’s philosophy emphasizes simplicity and user control, reflected in Pacman’s design.
The system update command is distinctive:
sudo pacman -Syu
The flags mean: -S (sync), -y (refresh package database), -u (upgrade). Arch users run this regularly since Arch is a rolling release—there are no version numbers, just continuous updates.
Installing and removing packages:
sudo pacman -S docker
sudo pacman -R docker
sudo pacman -Rns docker # Remove with dependencies and config
The -Rns flags mean: -R (remove), -n (remove config files), -s (remove unneeded dependencies). This is the equivalent of apt purge plus dependency cleanup.
Searching and querying:
pacman -Ss kubernetes # Search repositories
pacman -Qs kubernetes # Search installed packages
pacman -Qi docker # Query installed package info
pacman -Si docker # Query repository package info
The distinction between -S (sync/repository) and -Q (query/local) operations is fundamental to Pacman’s design.
Finding orphaned packages—dependencies no longer needed:
pacman -Qdt
sudo pacman -Rns $(pacman -Qdtq) # Remove all orphans
Arch users should run this periodically to prevent cruft accumulation.
Pacman’s configuration lives in /etc/pacman.conf. The Arch User Repository (AUR) contains community-maintained packages not in official repositories. You need AUR helpers like yay or paru to install AUR packages, as Pacman doesn’t handle them directly:
yay -S google-chrome
Common Operations Comparison
Here’s a quick reference for equivalent operations across package managers:
| Operation | APT | DNF | Pacman |
|---|---|---|---|
| Update package database | apt update |
(automatic) | pacman -Sy |
| Upgrade all packages | apt upgrade |
dnf upgrade |
pacman -Syu |
| Install package | apt install pkg |
dnf install pkg |
pacman -S pkg |
| Remove package | apt remove pkg |
dnf remove pkg |
pacman -R pkg |
| Search repositories | apt search term |
dnf search term |
pacman -Ss term |
| Show package info | apt show pkg |
dnf info pkg |
pacman -Si pkg |
| List installed | apt list --installed |
dnf list installed |
pacman -Q |
| Clean cache | apt clean |
dnf clean all |
pacman -Sc |
Best Practices and Troubleshooting
Always update your package database before installing new software. Stale package indexes cause dependency conflicts and failed installations.
Remove unused dependencies regularly to prevent bloat:
sudo apt autoremove # Debian/Ubuntu
sudo dnf autoremove # Red Hat/Fedora
sudo pacman -Rns $(pacman -Qdtq) # Arch
When APT reports broken packages, try:
sudo apt --fix-broken install
sudo dpkg --configure -a
The first command attempts to fix dependency issues. The second reconfigures packages that failed during installation.
For DNF dependency issues:
sudo dnf distro-sync
sudo dnf check
The distro-sync command synchronizes installed packages with repository versions, fixing version mismatches.
Clean package caches when disk space runs low:
sudo apt clean && sudo apt autoclean
sudo dnf clean all
sudo pacman -Sc # Keep current versions
sudo pacman -Scc # Remove everything
Security updates deserve special attention. Enable automatic security updates on production systems:
# Debian/Ubuntu
sudo apt install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
# Red Hat/Fedora
sudo dnf install dnf-automatic
sudo systemctl enable --now dnf-automatic.timer
For Arch, automatic updates are controversial due to the rolling release model. Manual intervention is often necessary when major updates occur.
Never mix package managers. Don’t use pip install as root when a system package exists. Don’t compile from source when a package is available. Stick to your distribution’s package manager for system-level software. Use language-specific package managers (pip, npm, gem) in virtual environments or user space.
Hold packages at specific versions when needed:
sudo apt-mark hold package-name
sudo dnf versionlock add package-name
# Pacman requires editing /etc/pacman.conf IgnorePkg
Understanding your package manager transforms Linux administration from frustrating to efficient. These tools are powerful, but they require respect. Always read update logs, especially on production systems. Test major updates in staging environments. Keep your system updated, but understand what you’re updating and why.